static u32_t verify_gf_2_128_double(u8_t *K1, u8_t *K2, struct tc_cmac_struct s) { u32_t result = TC_PASS; TC_PRINT("Performing CMAC test #1 (GF(2^128) double):\n"); u8_t zero[BUF_LEN]; u8_t L[BUF_LEN]; const u8_t l[BUF_LEN] = { 0x7d, 0xf7, 0x6b, 0x0c, 0x1a, 0xb8, 0x99, 0xb3, 0x3e, 0x42, 0xf0, 0x47, 0xb9, 0x1b, 0x54, 0x6f }; const u8_t k1[BUF_LEN] = { 0xfb, 0xee, 0xd6, 0x18, 0x35, 0x71, 0x33, 0x66, 0x7c, 0x85, 0xe0, 0x8f, 0x72, 0x36, 0xa8, 0xde }; const u8_t k2[BUF_LEN] = { 0xf7, 0xdd, 0xac, 0x30, 0x6a, 0xe2, 0x66, 0xcc, 0xf9, 0x0b, 0xc1, 0x1e, 0xe4, 0x6d, 0x51, 0x3b }; (void) memset(zero, '\0', sizeof(zero)); tc_aes_encrypt(L, zero, s.sched); if (memcmp(L, l, BUF_LEN) != 0) { TC_ERROR("%s: AES encryption failed\n", __func__); show("expected L =", l, sizeof(l)); show("computed L =", L, sizeof(L)); return TC_FAIL; } gf_double(K1, L); if (memcmp(K1, k1, BUF_LEN) != 0) { TC_ERROR("%s: gf_2_128_double failed when msb = 0\n", __func__); show("expected K1 =", k1, sizeof(k1)); show("computed K1 =", K1, sizeof(k1)); return TC_FAIL; } gf_double(K2, K1); if (memcmp(K2, k2, BUF_LEN) != 0) { TC_ERROR("%s: gf_2_128_double failed when msb = 1\n", __func__); show("expected K2 =", k2, sizeof(k2)); show("computed K2 =", K2, sizeof(k2)); return TC_FAIL; } TC_END_RESULT(result); return result; }
int tc_cbc_mode_encrypt(uint8_t *out, unsigned int outlen, const uint8_t *in, unsigned int inlen, const uint8_t *iv, const TCAesKeySched_t sched) { uint8_t buffer[TC_AES_BLOCK_SIZE]; unsigned int n, m; /* input sanity check: */ if (out == (uint8_t *) 0 || in == (const uint8_t *) 0 || sched == (TCAesKeySched_t) 0 || inlen == 0 || outlen == 0 || (inlen % TC_AES_BLOCK_SIZE) != 0 || (outlen % TC_AES_BLOCK_SIZE) != 0 || outlen != inlen + TC_AES_BLOCK_SIZE) { return TC_CRYPTO_FAIL; } /* copy iv to the buffer */ (void)_copy(buffer, TC_AES_BLOCK_SIZE, iv, TC_AES_BLOCK_SIZE); /* copy iv to the output buffer */ (void)_copy(out, TC_AES_BLOCK_SIZE, iv, TC_AES_BLOCK_SIZE); out += TC_AES_BLOCK_SIZE; for (n = m = 0; n < inlen; ++n) { buffer[m++] ^= *in++; if (m == TC_AES_BLOCK_SIZE) { (void)tc_aes_encrypt(buffer, buffer, sched); (void)_copy(out, TC_AES_BLOCK_SIZE, buffer, TC_AES_BLOCK_SIZE); out += TC_AES_BLOCK_SIZE; m = 0; } } return TC_CRYPTO_SUCCESS; }